Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/M7Bh4f6bQZK5nv_PpeiR56uaHd0.roa
File: M7Bh4f6bQZK5nv_PpeiR56uaHd0.roa (raw, json)
Hash identifier: vdAa9OlsTV2ynCESTliUHiCkix+h2J9nVrn67iZCQ4o=
Subject key identifier: 33:B0:61:E1:FE:9B:41:92:B9:9E:FF:CF:A5:E8:91:E7:AB:9A:1D:DD
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019D0571DC62FE5A7606B10CDAB5475FE1D6
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/M7Bh4f6bQZK5nv_PpeiR56uaHd0.roa
Signing time: Thu 19 Mar 2026 09:34:01 +0000
ROA not before: Thu 19 Mar 2026 09:34:01 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 174
IP address blocks: 89.125.67.0/24 maxlen: 24
89.125.80.0/24 maxlen: 24
89.125.94.0/24 maxlen: 24
89.125.96.0/24 maxlen: 24
89.125.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 26 Mar 2026 13:23:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:05:71:dc:62:fe:5a:76:06:b1:0c:da:b5:47:5f:e1:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Mar 19 09:34:01 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=33b061e1fe9b4192b99effcfa5e891e7ab9a1ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:3a:c1:39:09:f2:26:99:78:a4:a0:56:90:98:
0b:e5:bb:e1:db:b7:51:94:41:69:1f:e0:2e:e7:ed:
27:7c:22:f4:5d:49:17:05:71:8f:9a:6f:31:e9:3a:
5c:7f:f2:44:87:8c:22:f3:2a:55:03:7d:24:fb:95:
d7:ba:1b:f6:45:77:f2:42:1f:4c:3b:0c:e4:45:1c:
77:03:d4:85:82:db:3a:46:71:4d:34:0a:39:b7:8d:
c5:f6:10:13:27:34:61:67:cc:7d:6e:6e:ca:ec:9d:
ac:0c:03:bb:18:ff:f3:b6:1b:e7:d1:ea:4c:b5:35:
ba:f7:56:52:df:7e:e3:59:3d:02:a2:5e:b7:d8:97:
02:79:07:be:e1:45:bd:ad:f2:ee:fc:61:c8:b4:40:
4e:90:2a:7f:3e:b1:ee:a9:3f:45:d8:f3:79:1a:b8:
62:9d:72:b5:fe:39:0a:75:ed:8a:2c:41:19:6e:3f:
74:86:b3:c0:45:3d:2d:48:63:91:94:2c:fa:a7:45:
a7:c8:75:a5:37:df:3e:4c:be:d6:91:e2:6b:bd:a2:
f6:58:58:9f:45:c5:4a:1d:2a:e4:7b:e7:19:09:4f:
ae:0f:6f:82:f7:ca:c3:97:f4:7a:6a:e9:ad:58:aa:
d4:90:0c:80:a7:0c:af:7c:95:55:fb:d9:0e:00:66:
b7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:B0:61:E1:FE:9B:41:92:B9:9E:FF:CF:A5:E8:91:E7:AB:9A:1D:DD
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/M7Bh4f6bQZK5nv_PpeiR56uaHd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.125.67.0/24
89.125.80.0/24
89.125.94.0/24
89.125.96.0/23
Signature Algorithm: sha256WithRSAEncryption
43:3e:bc:ef:62:c6:a2:05:0b:9a:ce:0c:f0:25:22:9b:c1:06:
3f:82:14:a5:1a:bf:a6:a6:4a:c3:58:51:02:a4:65:e1:a6:b6:
0c:bc:11:67:3c:18:a0:2d:d8:bb:02:60:2a:b9:93:56:04:48:
38:33:47:a1:cc:85:a4:60:97:eb:58:0b:4f:ff:25:a4:9c:86:
44:08:c3:de:e5:92:94:72:cf:f4:70:21:00:6c:cf:c1:50:0f:
db:48:1f:bf:c7:9b:b5:ec:57:b1:b7:df:8f:c3:32:26:19:1b:
40:d9:f2:7c:5e:8e:60:6a:fa:04:db:1a:50:08:63:91:e5:b9:
80:77:e6:e2:39:46:3b:a6:fb:a5:ea:71:48:fa:58:f4:cd:83:
c9:7a:2e:85:02:64:8d:fe:da:84:1f:7e:d6:c1:27:d3:40:91:
00:1f:93:2d:9e:5b:f1:b4:8b:8f:89:78:82:73:28:d9:b6:e9:
06:73:b0:0a:9f:09:51:8f:cd:34:13:fb:17:54:4d:a7:f2:33:
f5:be:d2:5a:56:c0:e7:51:20:a9:c3:46:cc:e0:3d:9a:f0:4d:
39:a6:57:33:84:23:1b:e2:d3:62:0d:c7:e1:d1:0f:09:d6:5b:
c6:59:b7:dc:ce:03:c1:9b:56:cb:0e:59:3f:6c:41:bd:b3:3e:
68:05:49:fb
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZ0Fcdxi/lp2BrEM2rVHX+HWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjYwMzE5MDkzNDAxWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2IwNjFlMWZlOWI0MTkyYjk5ZWZmY2ZhNWU4OTFlN2FiOWExZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjrBOQnyJpl4pKBWkJgL5bvh27dR
lEFpH+Au5+0nfCL0XUkXBXGPmm8x6Tpcf/JEh4wi8ypVA30k+5XXuhv2RXfyQh9M
OwzkRRx3A9SFgts6RnFNNAo5t43F9hATJzRhZ8x9bm7K7J2sDAO7GP/zthvn0epM
tTW691ZS337jWT0Col632JcCeQe+4UW9rfLu/GHItEBOkCp/PrHuqT9F2PN5Grhi
nXK1/jkKde2KLEEZbj90hrPART0tSGORlCz6p0WnyHWlN98+TL7WkeJrvaL2WFif
RcVKHSrke+cZCU+uD2+C98rDl/R6aumtWKrUkAyApwyvfJVV+9kOAGa3OQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDOwYeH+m0GSuZ7/z6Xokeermh3dMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvTTdCaDRmNmJRWks1bnZfUHBlaVI1NnVhSGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWX1DAwQA
WX1QAwQAWX1eAwQBWX1gMA0GCSqGSIb3DQEBCwUAA4IBAQBDPrzvYsaiBQuazgzw
JSKbwQY/ghSlGr+mpkrDWFECpGXhprYMvBFnPBigLdi7AmAquZNWBEg4M0ehzIWk
YJfrWAtP/yWknIZECMPe5ZKUcs/0cCEAbM/BUA/bSB+/x5u17Fext9+PwzImGRtA
2fJ8Xo5gavoE2xpQCGOR5bmAd+biOUY7pvul6nFI+lj0zYPJei6FAmSN/tqEH37W
wSfTQJEAH5MtnlvxtIuPiXiCcyjZtukGc7AKnwlRj800E/sXVE2n8jP1vtJaVsDn
USCpw0bM4D2a8E05plczhCMb4tNiDcfh0Q8J1lvGWbfczgPBm1bLDlk/bEG9sz5o
BUn7
-----END CERTIFICATE-----
Generated at Wed Mar 25 23:02:14 2026 by rpki-client